Compare commits
2 commits
0217c618a6
...
4c4fe60679
| Author | SHA1 | Date | |
|---|---|---|---|
4c4fe60679
|
|||
|
9d6a555ccb
|
2 changed files with 24 additions and 11 deletions
12
flake.lock
12
flake.lock
|
|
@ -355,11 +355,11 @@
|
||||||
},
|
},
|
||||||
"nixos-unstable": {
|
"nixos-unstable": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1708015737,
|
"lastModified": 1708057191,
|
||||||
"narHash": "sha256-wJmOLO9LruqgwcI3JpTd+8lzWt4jW7p73axqkx4R2vQ=",
|
"narHash": "sha256-O3M5EGAeKZdEzfFIjqah0d8M44A4QCSVwvkbz4cbC2s=",
|
||||||
"owner": "nixos",
|
"owner": "nixos",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "cdbfd603de28a39ba532d9285e0045c505ce21c8",
|
"rev": "5e55f0bb65124b05d0a52e164514c03596023634",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|
@ -405,11 +405,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgs-master": {
|
"nixpkgs-master": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1708055921,
|
"lastModified": 1708085864,
|
||||||
"narHash": "sha256-GDwp8KVykefTmXCJOsEgcqHVkGVc6SP5v4DoGwcW4H0=",
|
"narHash": "sha256-pQ6Xki/tqw5vZkOxYwWJSG4Xmhvp+GbRZolr4qJ+r4U=",
|
||||||
"owner": "nixos",
|
"owner": "nixos",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "1e9717151a29946cfbd43a2f5035f4f22b1ffd36",
|
"rev": "f5a4d49bfd4569024630de517f9b074390c2c82f",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|
|
||||||
|
|
@ -4,7 +4,7 @@ let
|
||||||
secret = import ../../../secret/hosts/Styx.nix;
|
secret = import ../../../secret/hosts/Styx.nix;
|
||||||
|
|
||||||
ssh-directory = "${config.home.homeDirectory}/.ssh";
|
ssh-directory = "${config.home.homeDirectory}/.ssh";
|
||||||
auth-socket = "${ssh-directory}/1password.sock";
|
auth-socket = "${config.home.homeDirectory}/Library/Group Containers/2BUA8C4S2C.com.1password/t/agent.sock";
|
||||||
signers-directory = "${ssh-directory}/allowed_signers";
|
signers-directory = "${ssh-directory}/allowed_signers";
|
||||||
|
|
||||||
shared-private = import ./shared/private.nix;
|
shared-private = import ./shared/private.nix;
|
||||||
|
|
@ -24,8 +24,7 @@ in
|
||||||
serverAliveInterval = 60;
|
serverAliveInterval = 60;
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
IdentityAgent "${auth-socket}"
|
IdentityAgent "${auth-socket}"
|
||||||
UpdateHostKeys ask
|
VerifyHostKeyDNS yes
|
||||||
# VerifyHostKeyDNS yes
|
|
||||||
'';
|
'';
|
||||||
|
|
||||||
matchBlocks = shared-private.matchBlocks // shared-work.matchBlocks;
|
matchBlocks = shared-private.matchBlocks // shared-work.matchBlocks;
|
||||||
|
|
@ -35,8 +34,6 @@ in
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
home.sessionVariables.SSH_AUTH_SOCK = "${auth-socket}";
|
|
||||||
|
|
||||||
home.file = {
|
home.file = {
|
||||||
"${ssh-directory}/GitHub.pub".text = ssh-keys.GitHub;
|
"${ssh-directory}/GitHub.pub".text = ssh-keys.GitHub;
|
||||||
"${ssh-directory}/GitLab.pub".text = ssh-keys.GitLab;
|
"${ssh-directory}/GitLab.pub".text = ssh-keys.GitLab;
|
||||||
|
|
@ -48,4 +45,20 @@ in
|
||||||
recursive = true;
|
recursive = true;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
# Make agent available to all programs
|
||||||
|
|
||||||
|
home.sessionVariables.SSH_AUTH_SOCK = "${auth-socket}";
|
||||||
|
|
||||||
|
launchd.agents.SSH_AUTH_SOCK = {
|
||||||
|
enable = true;
|
||||||
|
config = {
|
||||||
|
ProgramArguments = [
|
||||||
|
"/bin/sh"
|
||||||
|
"-c"
|
||||||
|
"/bin/ln -sf \"${auth-socket}\" $SSH_AUTH_SOCK"
|
||||||
|
];
|
||||||
|
RunAtLoad = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue